Agent: Extract network_scanning package from network package
This resolves some circular dependencies between Tunnel, IPuppet, and VictimHost.
This commit is contained in:
Mike Salvatore
parent
62f1861193
commit
b17c85cd01
|
|
@ -22,7 +22,7 @@ from infection_monkey.model import (
|
||||||
ID_STRING,
|
ID_STRING,
|
||||||
WGET_HTTP_UPLOAD,
|
WGET_HTTP_UPLOAD,
|
||||||
)
|
)
|
||||||
from infection_monkey.network.elasticfinger import ES_PORT
|
from infection_monkey.network_scanning.elasticfinger import ES_PORT
|
||||||
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
|
||||||
|
|
@ -8,8 +8,8 @@ from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey
|
from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey
|
||||||
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
from infection_monkey.exploit.tools.smb_tools import SmbTools
|
||||||
from infection_monkey.model import DROPPER_CMDLINE_DETACHED_WINDOWS, MONKEY_CMDLINE_DETACHED_WINDOWS
|
from infection_monkey.model import DROPPER_CMDLINE_DETACHED_WINDOWS, MONKEY_CMDLINE_DETACHED_WINDOWS
|
||||||
from infection_monkey.network.smbfinger import SMBFinger
|
|
||||||
from infection_monkey.network.tools import check_tcp_port
|
from infection_monkey.network.tools import check_tcp_port
|
||||||
|
from infection_monkey.network_scanning.smbfinger import SMBFinger
|
||||||
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
|
from infection_monkey.telemetry.attack.t1035_telem import T1035Telem
|
||||||
from infection_monkey.utils.commands import build_monkey_commandline
|
from infection_monkey.utils.commands import build_monkey_commandline
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -12,7 +12,7 @@ from infection_monkey.i_puppet import (
|
||||||
)
|
)
|
||||||
from infection_monkey.model import VictimHost, VictimHostFactory
|
from infection_monkey.model import VictimHost, VictimHostFactory
|
||||||
from infection_monkey.network import NetworkAddress, NetworkInterface
|
from infection_monkey.network import NetworkAddress, NetworkInterface
|
||||||
from infection_monkey.network.scan_target_generator import compile_scan_target_list
|
from infection_monkey.network_scanning.scan_target_generator import compile_scan_target_list
|
||||||
from infection_monkey.telemetry.exploit_telem import ExploitTelem
|
from infection_monkey.telemetry.exploit_telem import ExploitTelem
|
||||||
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
|
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
|
||||||
from infection_monkey.telemetry.scan_telem import ScanTelem
|
from infection_monkey.telemetry.scan_telem import ScanTelem
|
||||||
|
|
|
||||||
|
|
@ -22,13 +22,13 @@ from infection_monkey.master import AutomatedMaster
|
||||||
from infection_monkey.master.control_channel import ControlChannel
|
from infection_monkey.master.control_channel import ControlChannel
|
||||||
from infection_monkey.model import DELAY_DELETE_CMD, VictimHostFactory
|
from infection_monkey.model import DELAY_DELETE_CMD, VictimHostFactory
|
||||||
from infection_monkey.network import NetworkInterface
|
from infection_monkey.network import NetworkInterface
|
||||||
from infection_monkey.network.elasticsearch_fingerprinter import ElasticSearchFingerprinter
|
|
||||||
from infection_monkey.network.firewall import app as firewall
|
from infection_monkey.network.firewall import app as firewall
|
||||||
from infection_monkey.network.http_fingerprinter import HTTPFingerprinter
|
|
||||||
from infection_monkey.network.info import get_local_network_interfaces
|
from infection_monkey.network.info import get_local_network_interfaces
|
||||||
from infection_monkey.network.mssql_fingerprinter import MSSQLFingerprinter
|
from infection_monkey.network_scanning.elasticsearch_fingerprinter import ElasticSearchFingerprinter
|
||||||
from infection_monkey.network.smb_fingerprinter import SMBFingerprinter
|
from infection_monkey.network_scanning.http_fingerprinter import HTTPFingerprinter
|
||||||
from infection_monkey.network.ssh_fingerprinter import SSHFingerprinter
|
from infection_monkey.network_scanning.mssql_fingerprinter import MSSQLFingerprinter
|
||||||
|
from infection_monkey.network_scanning.smb_fingerprinter import SMBFingerprinter
|
||||||
|
from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter
|
||||||
from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload
|
from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload
|
||||||
from infection_monkey.puppet.puppet import Puppet
|
from infection_monkey.puppet.puppet import Puppet
|
||||||
from infection_monkey.system_singleton import SystemSingleton
|
from infection_monkey.system_singleton import SystemSingleton
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1 @@
|
||||||
from .scan_target_generator import NetworkAddress, NetworkInterface
|
from .info import NetworkAddress, NetworkInterface
|
||||||
from .ping_scanner import ping
|
|
||||||
from .tcp_scanner import scan_tcp_ports
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
import itertools
|
import itertools
|
||||||
import socket
|
import socket
|
||||||
import struct
|
import struct
|
||||||
|
from collections import namedtuple
|
||||||
from ipaddress import IPv4Network
|
from ipaddress import IPv4Network
|
||||||
from random import randint # noqa: DUO102
|
from random import randint # noqa: DUO102
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
@ -11,8 +12,6 @@ import psutil
|
||||||
from common.network.network_range import CidrRange
|
from common.network.network_range import CidrRange
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
from . import NetworkInterface
|
|
||||||
|
|
||||||
# Timeout for monkey connections
|
# Timeout for monkey connections
|
||||||
TIMEOUT = 15
|
TIMEOUT = 15
|
||||||
LOOPBACK_NAME = b"lo"
|
LOOPBACK_NAME = b"lo"
|
||||||
|
|
@ -21,6 +20,9 @@ SIOCGIFNETMASK = 0x891B # get network PA mask
|
||||||
RTF_UP = 0x0001 # Route usable
|
RTF_UP = 0x0001 # Route usable
|
||||||
RTF_REJECT = 0x0200
|
RTF_REJECT = 0x0200
|
||||||
|
|
||||||
|
NetworkInterface = namedtuple("NetworkInterface", ("address", "netmask"))
|
||||||
|
NetworkAddress = namedtuple("NetworkAddress", ("ip", "domain"))
|
||||||
|
|
||||||
|
|
||||||
def get_local_network_interfaces() -> List[NetworkInterface]:
|
def get_local_network_interfaces() -> List[NetworkInterface]:
|
||||||
network_interfaces = []
|
network_interfaces = []
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,2 @@
|
||||||
|
from .ping_scanner import ping
|
||||||
|
from .tcp_scanner import scan_tcp_ports
|
||||||
|
|
@ -1,13 +1,10 @@
|
||||||
import itertools
|
import itertools
|
||||||
import logging
|
import logging
|
||||||
import socket
|
import socket
|
||||||
from collections import namedtuple
|
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
from common.network.network_range import InvalidNetworkRangeError, NetworkRange
|
from common.network.network_range import InvalidNetworkRangeError, NetworkRange
|
||||||
|
from infection_monkey.network import NetworkAddress, NetworkInterface
|
||||||
NetworkInterface = namedtuple("NetworkInterface", ("address", "netmask"))
|
|
||||||
NetworkAddress = namedtuple("NetworkAddress", ("ip", "domain"))
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
@ -2,7 +2,7 @@ import logging
|
||||||
import threading
|
import threading
|
||||||
from typing import Dict, List, Sequence
|
from typing import Dict, List, Sequence
|
||||||
|
|
||||||
from infection_monkey import network
|
from infection_monkey import network_scanning
|
||||||
from infection_monkey.i_puppet import (
|
from infection_monkey.i_puppet import (
|
||||||
Credentials,
|
Credentials,
|
||||||
ExploiterResultData,
|
ExploiterResultData,
|
||||||
|
|
@ -40,12 +40,12 @@ class Puppet(IPuppet):
|
||||||
return self._mock_puppet.run_pba(name, options)
|
return self._mock_puppet.run_pba(name, options)
|
||||||
|
|
||||||
def ping(self, host: str, timeout: float = 1) -> PingScanData:
|
def ping(self, host: str, timeout: float = 1) -> PingScanData:
|
||||||
return network.ping(host, timeout)
|
return network_scanning.ping(host, timeout)
|
||||||
|
|
||||||
def scan_tcp_ports(
|
def scan_tcp_ports(
|
||||||
self, host: str, ports: List[int], timeout: float = 3
|
self, host: str, ports: List[int], timeout: float = 3
|
||||||
) -> Dict[int, PortScanData]:
|
) -> Dict[int, PortScanData]:
|
||||||
return network.scan_tcp_ports(host, ports, timeout)
|
return network_scanning.scan_tcp_ports(host, ports, timeout)
|
||||||
|
|
||||||
def fingerprint(
|
def fingerprint(
|
||||||
self,
|
self,
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ from unittest.mock import MagicMock
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from infection_monkey.model import VictimHostFactory
|
from infection_monkey.model import VictimHostFactory
|
||||||
from infection_monkey.network.scan_target_generator import NetworkAddress
|
from infection_monkey.network import NetworkAddress
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,10 @@ import pytest
|
||||||
|
|
||||||
from common.common_consts.network_consts import ES_SERVICE
|
from common.common_consts.network_consts import ES_SERVICE
|
||||||
from infection_monkey.i_puppet import PortScanData, PortStatus
|
from infection_monkey.i_puppet import PortScanData, PortStatus
|
||||||
from infection_monkey.network.elasticsearch_fingerprinter import ES_PORT, ElasticSearchFingerprinter
|
from infection_monkey.network_scanning.elasticsearch_fingerprinter import (
|
||||||
|
ES_PORT,
|
||||||
|
ElasticSearchFingerprinter,
|
||||||
|
)
|
||||||
|
|
||||||
PORT_SCAN_DATA_OPEN = {ES_PORT: PortScanData(ES_PORT, PortStatus.OPEN, "", f"tcp-{ES_PORT}")}
|
PORT_SCAN_DATA_OPEN = {ES_PORT: PortScanData(ES_PORT, PortStatus.OPEN, "", f"tcp-{ES_PORT}")}
|
||||||
PORT_SCAN_DATA_CLOSED = {ES_PORT: PortScanData(ES_PORT, PortStatus.CLOSED, "", f"tcp-{ES_PORT}")}
|
PORT_SCAN_DATA_CLOSED = {ES_PORT: PortScanData(ES_PORT, PortStatus.CLOSED, "", f"tcp-{ES_PORT}")}
|
||||||
|
|
@ -26,7 +29,7 @@ def test_successful(monkeypatch, fingerprinter):
|
||||||
"version": {"number": "1.0.0"},
|
"version": {"number": "1.0.0"},
|
||||||
}
|
}
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.elasticsearch_fingerprinter._query_elasticsearch",
|
"infection_monkey.network_scanning.elasticsearch_fingerprinter._query_elasticsearch",
|
||||||
lambda _: successful_server_response,
|
lambda _: successful_server_response,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -49,7 +52,7 @@ def test_successful(monkeypatch, fingerprinter):
|
||||||
def test_fingerprinting_skipped_if_port_closed(monkeypatch, fingerprinter, port_scan_data):
|
def test_fingerprinting_skipped_if_port_closed(monkeypatch, fingerprinter, port_scan_data):
|
||||||
mock_query_elasticsearch = MagicMock()
|
mock_query_elasticsearch = MagicMock()
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.elasticsearch_fingerprinter._query_elasticsearch",
|
"infection_monkey.network_scanning.elasticsearch_fingerprinter._query_elasticsearch",
|
||||||
mock_query_elasticsearch,
|
mock_query_elasticsearch,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -70,7 +73,7 @@ def test_fingerprinting_skipped_if_port_closed(monkeypatch, fingerprinter, port_
|
||||||
)
|
)
|
||||||
def test_no_response_from_server(monkeypatch, fingerprinter, mock_query_function):
|
def test_no_response_from_server(monkeypatch, fingerprinter, mock_query_function):
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.elasticsearch_fingerprinter._query_elasticsearch",
|
"infection_monkey.network_scanning.elasticsearch_fingerprinter._query_elasticsearch",
|
||||||
mock_query_function,
|
mock_query_function,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -3,7 +3,7 @@ from unittest.mock import MagicMock
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from infection_monkey.i_puppet import PortScanData, PortStatus
|
from infection_monkey.i_puppet import PortScanData, PortStatus
|
||||||
from infection_monkey.network.http_fingerprinter import HTTPFingerprinter
|
from infection_monkey.network_scanning.http_fingerprinter import HTTPFingerprinter
|
||||||
|
|
||||||
OPTIONS = {"http_ports": [80, 443, 8080, 9200]}
|
OPTIONS = {"http_ports": [80, 443, 8080, 9200]}
|
||||||
|
|
||||||
|
|
@ -24,7 +24,7 @@ def mock_get_server_from_headers():
|
||||||
@pytest.fixture(autouse=True)
|
@pytest.fixture(autouse=True)
|
||||||
def patch_get_server_from_headers(monkeypatch, mock_get_server_from_headers):
|
def patch_get_server_from_headers(monkeypatch, mock_get_server_from_headers):
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.http_fingerprinter._get_server_from_headers",
|
"infection_monkey.network_scanning.http_fingerprinter._get_server_from_headers",
|
||||||
mock_get_server_from_headers,
|
mock_get_server_from_headers,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -4,7 +4,7 @@ from unittest.mock import MagicMock
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from infection_monkey.i_puppet import PortScanData, PortStatus
|
from infection_monkey.i_puppet import PortScanData, PortStatus
|
||||||
from infection_monkey.network.mssql_fingerprinter import (
|
from infection_monkey.network_scanning.mssql_fingerprinter import (
|
||||||
MSSQL_SERVICE,
|
MSSQL_SERVICE,
|
||||||
SQL_BROWSER_DEFAULT_PORT,
|
SQL_BROWSER_DEFAULT_PORT,
|
||||||
MSSQLFingerprinter,
|
MSSQLFingerprinter,
|
||||||
|
|
@ -36,7 +36,7 @@ def test_mssql_fingerprint_successful(monkeypatch, fingerprinter):
|
||||||
b"IsClustered;No;Version;11.1.1111.111;tcp;1433;np;blah_blah;;"
|
b"IsClustered;No;Version;11.1.1111.111;tcp;1433;np;blah_blah;;"
|
||||||
)
|
)
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.mssql_fingerprinter._query_mssql_for_instance_data",
|
"infection_monkey.network_scanning.mssql_fingerprinter._query_mssql_for_instance_data",
|
||||||
lambda _: successful_server_response,
|
lambda _: successful_server_response,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -69,7 +69,7 @@ def test_mssql_fingerprint_successful(monkeypatch, fingerprinter):
|
||||||
)
|
)
|
||||||
def test_mssql_no_response_from_server(monkeypatch, fingerprinter, mock_query_function):
|
def test_mssql_no_response_from_server(monkeypatch, fingerprinter, mock_query_function):
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.mssql_fingerprinter._query_mssql_for_instance_data",
|
"infection_monkey.network_scanning.mssql_fingerprinter._query_mssql_for_instance_data",
|
||||||
mock_query_function,
|
mock_query_function,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -89,7 +89,7 @@ def test_mssql_wrong_response_from_server(monkeypatch, fingerprinter):
|
||||||
b"Pellentesque ultrices ornare libero, ;;"
|
b"Pellentesque ultrices ornare libero, ;;"
|
||||||
)
|
)
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.mssql_fingerprinter._query_mssql_for_instance_data",
|
"infection_monkey.network_scanning.mssql_fingerprinter._query_mssql_for_instance_data",
|
||||||
lambda _: mangled_server_response,
|
lambda _: mangled_server_response,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -3,7 +3,7 @@ from unittest.mock import MagicMock
|
||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from infection_monkey.network import ping
|
from infection_monkey.network_scanning import ping
|
||||||
|
|
||||||
LINUX_SUCCESS_OUTPUT = """
|
LINUX_SUCCESS_OUTPUT = """
|
||||||
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
|
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
|
||||||
|
|
@ -3,11 +3,8 @@ from itertools import chain
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from common.network.network_range import InvalidNetworkRangeError
|
from common.network.network_range import InvalidNetworkRangeError
|
||||||
from infection_monkey.network.scan_target_generator import (
|
from infection_monkey.network import NetworkAddress, NetworkInterface
|
||||||
NetworkAddress,
|
from infection_monkey.network_scanning.scan_target_generator import compile_scan_target_list
|
||||||
NetworkInterface,
|
|
||||||
compile_scan_target_list,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def compile_ranges_only(ranges):
|
def compile_ranges_only(ranges):
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from infection_monkey.i_puppet import FingerprintData, PortScanData, PortStatus
|
from infection_monkey.i_puppet import FingerprintData, PortScanData, PortStatus
|
||||||
from infection_monkey.network.ssh_fingerprinter import SSHFingerprinter
|
from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from infection_monkey.i_puppet import PortStatus
|
from infection_monkey.i_puppet import PortStatus
|
||||||
from infection_monkey.network import scan_tcp_ports
|
from infection_monkey.network_scanning import scan_tcp_ports
|
||||||
|
|
||||||
PORTS_TO_SCAN = [22, 80, 8080, 143, 445, 2222]
|
PORTS_TO_SCAN = [22, 80, 8080, 143, 445, 2222]
|
||||||
|
|
||||||
|
|
@ -11,7 +11,7 @@ OPEN_PORTS_DATA = {22: "SSH-banner", 80: "", 2222: "SSH2-banner"}
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def patch_check_tcp_ports(monkeypatch, open_ports_data):
|
def patch_check_tcp_ports(monkeypatch, open_ports_data):
|
||||||
monkeypatch.setattr(
|
monkeypatch.setattr(
|
||||||
"infection_monkey.network.tcp_scanner._check_tcp_ports",
|
"infection_monkey.network_scanning.tcp_scanner._check_tcp_ports",
|
||||||
lambda *_: open_ports_data,
|
lambda *_: open_ports_data,
|
||||||
)
|
)
|
||||||
|
|
||||||
Loading…
Reference in New Issue